Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
Parent process
Related files
deal vault-bg.exe
Deal Vault by Excellent Apps (Signed)
| Version: | 1.1.151.6 |
| MD5: | 821e246ba711eb80abc10e72564e7d69 |
| SHA1: | fc10d95786f38527f08e6c4546e76d3891dcdfc3 |
| SHA256: | 74fc831cbfda2934b94007a9ec282dc8457fc309dffa6199b2562206d6d31cf1 |
Warning 4 antivirus scanners has detected malware.
Overview
deal vault-bg.exe is malware that executes as a process with the local user's privileges typically within the context of its parent
iexplore.exe (by Microsoft). This is typically installed with the program Deal Vault published by 215 Apps and is most likely removed by most users once installed (79% removed). The file is digitally signed by Excellent Apps which was issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).
Details
| File name: | deal vault-bg.exe |
| Publisher: | 215 Apps |
| Product name: | Deal Vault |
| Description: | Deal Vault exe |
| Typical file path: | C:\Program Files\deal vault\deal vault-bg.exe |
| Original name: | Deal Vault.exe |
| File version: | 1.1.151.6 |
| Size: | 926.88 KB (949,128 bytes) |
| Certificate |
| Issued to: | Excellent Apps |
| Authority (CA): | Thawte |
| Effective date: | Wednesday, August 29, 2012 |
| Expiration date: | Friday, August 30, 2013 |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
Deal Vault from 215 Apps (Amazing Apps/50onRed) installs a web browser extension (Internet Explorer Browser Helper Object) to view web pages loaded and looks for affiliated merchants in order to possibly provide better pricing or alternative deals on a given product or merchant. Basically if Deal Vault has a pre-arranged affiliate relationship with a similar merchant it will alert you when you visit through your web browser. Deal Vault ...
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| ESET NOD32 |
7.8893 |
a variant of Win32/Toolbar.CrossRider.E |
| Sophos |
4.93.0 |
AppRider |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.R0C1H0AIQ13 |
| VIPRE Antivirus |
22218 |
GamePlayLabs (v) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.12733046% | |
| Kernel CPU: | 0.02816945% | |
| User CPU: | 0.09916101% | |
| Memory |
| Private (maximum): | 13.37 MB | |
| Private (minimum): | 13.01 MB | |
Process properties
| Platform: | 64-bit |
| Command line: | "C:\Program Files\deal vault\deal vault-bg.exe" /createbg |
| Owner: | User |
| Parent process: | iexplore.exe (by Microsoft) |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
100.00% |
|
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Acer |
100.00% |
|
